Email AntiSpam filters & AntiSpam tools

Created: 21 February 2012

Is it possible to stop spam mail from being sent to our mailboxes? Unfortunately the answer is no, and that's pretty sad, since SPAM mail constitutes 80-95% of all email traffic. Here's a live map of SPAM erupting at this very moment. Why is it such a tough phenomenon to fight? SMTP (Simple Mail Transfer Protocol) was invented a long time ago, and its authors did not expect the SPAM threat or the magnitude of the abuse, so no precautions were built in. Even if they had been, the odds are that SPAMers would still find a way to sneak in with their annoying solicitations. The good news is that it's possible to filter spam so efficiently that almost no spam reaches one's Inbox. Various AntiSpam tools are available to help us stop spam mail:

Client-based AntiSpam filters are usually free, and all popular email clients (Outlook, Thunderbird, etc.) come with an embedded Junk Mail Filter. We consider them weak because of their low efficiency, which is dictated by their retroactive nature. By the time a client-based AntiSpam tool gets its first chance to analyze an email message, a big portion of the damage is already done: the SPAM email has made it to the mailbox. The message may be easily identifiable as SPAM by its content, but it's more likely that a clever cover-up hinders the Junk Mail Filter's analysis.

Server-based AntiSpam filters are much, much more powerful. These filters run within an email server and can therefore cut off an attempt to deliver SPAM while it is still being communicated. In fact, with server-based filtering most SPAM is eradicated right off the bat.

Let's consider a few mainstream email solutions popular among Small Businesses and see what AntiSpam tools are available.

Old school email system: Sendmail (Postfix) + IMAP

The most obvious advantages here are the cost (free) and the Open Source philosophy. Since 2001 a free AntiSpam filter named SpamAssassin has been available to anyone running a Linux-based email solution. These days SpamAssassin belongs to the Apache foundation, which continues its development.

The strongest side of SpamAssassin is its flexibility. A system administrator has access to all parameters of its engine and thus has ultimate control over the system. Of course, this requires plenty of technical knowledge and wouldn't be a trivial task for a novice network technician.

Let us list the core mechanisms of SpamAssassin, which serve as a perfect illustration of the prime functions of any other server-based AntiSpam filter:

Deploying SpamAssassin is not difficult at all these days, and the default options deliver solid performance. False Positives are the biggest issue for any AntiSpam tool, so it might be necessary to tweak the SpamAssassin configuration to adjust its performance for specific circumstances.

Microsoft Exchange Server add-ons

There's a wide range of products to choose from here. For example, most small business AntiVirus products, such as Avast Email Server Security, claim to stop spam mail. Specialized AntiSpam tools perhaps carry more weapons and experience to fight SPAM. Allora recommends the GFI MailEssentials product, as it has served our clients very well for over 6 years. Other solutions can be viewed on the MSExchange.org page.

The installation of GFI MailEssentials or similar software is straightforward. The GUI allows for quick and intuitive configuration. Alongside the standard sets of filters we introduced above, GFI runs a very powerful, proprietary SpamRazor engine: "An anti-spam engine that determines if an email is spam by using email reputation, message fingerprinting and content analysis".

Outsourcing AntiSpam duties to a third-party filter

Google invented a new type of AntiSpam tool: Postini. It is essentially their proprietary AntiSpam filter for Gmail. If it's good for Google, why wouldn't it be good for a small business? The concept is simple: your email traffic is redirected to flow through Google's email servers before reaching your email server. GFI offers a similar product: GFI MAX Security. The email flow is more complicated, and most control is delegated to a third party. Some folks are not comfortable with this concept, as they want to keep their information in-house and confidential; others feel more comfortable outsourcing email connectivity and AntiSpam filtering. Generally speaking the setup is not exactly seamless, but there are some appealing advantages. For example, any small business would feel rather secure hiding behind the back of a monster like Google.

Lastly, we'd like to mention setting up SPF records for your domain. These are a special type of AntiSpam DNS record that helps a lot of organizations stop spam mail. Such records are very easy to create and deploy. In fact, every small business should protect its domain name with SPF technology. Essentially these records tell the world that email marked as coming from your domain can only originate at a number of locations (IPs). With this information out there, it's very difficult for SPAMers to fool recipients by faking emails supposedly coming from you.